<?php
//maybe need to use session to store username
if(!isset($_POST['username'])|| !isset($_POST['password'])){
	print "Both fields are required.";
}else if(isset($_POST['username'])&& isset($_POST['password'])) {
	if($_POST['username'] == '' || $_POST['password'] == '' ){
		print "Both fields are required.";
	}else{
	session_start();

	include ('sqlconnection.php');
	$username = $_POST["username"];
	$password = $_POST["password"];
	
	
	$db = new Database();
	$db->connect();
	
	$query = "select * from usertable where username = '$username' and password = '$password'";
	
	$result = mysql_query($query);
	
	$count = mysql_num_rows($result);
	if($count > 0){
		while($rows = mysql_fetch_array($result)){
			$firstTime = $rows['firsttime'];
			$_SESSION["username"] = $rows['username'];
		}
		$db->disconnect();
		if($firstTime == 1){
			echo "1";
		}
		else{
			echo "0";
		}
	}
	else{
		echo "Username or password is incorrect";
	}
	}
}
?>